Data & Privacy

This page explains what information we collect when you use the service, why, the legal basis, who we share it with, where it's transferred, and your rights — under Israel's Protection of Privacy Law, 5741-1981, and the EU General Data Protection Regulation (GDPR) for users in the EU.

Last updated: June 2026

Who's responsible for your data

The service is operated by Ofer Mustigman (the data controller). For any privacy question, or to exercise your rights, contact us through the contact form on the site.

EU/EEA residents can contact us directly through the contact form for any GDPR matter. If and when an EU representative under GDPR Art. 27 is appointed, their details will be published here.

What we collect

  • Sign-in and contact details: a phone number, Telegram account, or email address — depending on the sign-in method you choose. We use these to identify you and deliver your reminders.
  • Profile details: the name you choose, your interface language, time zone, and the timestamps of your most recent activity (on the site and with the bot).
  • Reminder content: the text and schedule of every reminder you create, and the history of what was sent and acknowledged.
  • Messages: when you submit a contact or accessibility-report form — your name, reply-to details, the message, and your IP address (for abuse prevention only).
  • Technical data: a session cookie and a security (CSRF) token required to operate the service.

How we use your information

  • To run the service — sign you in, send your reminders, and nag until you confirm.
  • To get back to you about a message or an accessibility report.
  • To prevent abuse, spam, and automated attacks.

Legal basis for processing (GDPR Arts. 6 & 9)

For users in the EU, these are the lawful bases we rely on:

  • Performance of a contract — to run the service you asked for: signing you in and delivering your reminders.
  • Legitimate interests — to prevent abuse and spam (including storing the contact-form IP) and to respond to your messages.
  • Explicit consent — to store and deliver reminder content that may include sensitive (e.g. health, Art. 9) data. You can withdraw consent at any time by deleting the reminder or your account.

Who we share it with

We don't sell your information and we don't use it for advertising. We share data only with service providers needed to run the service:

  • Telegram — to deliver messages and for Telegram sign-in.
  • WhatsApp (Meta) — to deliver reminders on WhatsApp, when that channel is enabled.
  • Cloudflare Turnstile — bot protection on the contact form. It sets no tracking cookies.
  • Our hosting provider (DigitalOcean) — where the service runs and the data is stored.

International transfers

Some of our service providers (Telegram, Meta, Cloudflare) may process data in the United States, relying on the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs). Where data is processed in Israel, Israel is recognised by the EU as providing an adequate level of protection (an adequacy decision).

How long we keep it

Account and reminder data are kept while your account is active and deleted when you delete the account. Contact messages and their IP address are kept for handling, follow-up, and abuse prevention, and no longer than needed for that. You can download a copy of your data or delete your account at any time under Settings → "Your data".

Your rights

You have the right to access the data we hold about you, get a portable copy of it, correct it, erase it, restrict or object to processing, and withdraw any consent you gave. Access and erasure are available directly under Settings → "Your data"; for any other request, contact us through the contact form and we'll respond within one month.

If you believe we've processed your data unlawfully, you have the right to lodge a complaint with a supervisory authority — in Israel, the Privacy Protection Authority; in the EU, the data protection authority in your country of residence.

United States residents

The service is also offered to US residents, so US state privacy laws apply too. The rights and commitments below are in addition to the above.

State privacy rights

We don't sell your personal information and we don't share it for cross-context targeted advertising. Subject to your state's law, you have the right to access the data we hold about you, get a copy of it, correct it, and delete it — and we won't discriminate against you for exercising those rights. Access and deletion are available directly under Settings → "Your data"; for any other request, contact us through the contact form.

Consumer health data (Washington's My Health My Data Act and similar)

Reminder content you choose to create may relate to your health (for example, a reminder to take a medication). We collect such data only with your explicit consent and solely to run the reminders you asked for, and we share it only with the channel provider you chose (Telegram or WhatsApp) to deliver the message — for no other purpose. We do not sell health data. You can delete any reminder, or your entire account and all its data, at any time under Settings → "Your data".

Data security

Traffic to the site is encrypted (HTTPS). Access to data is restricted, and credentials for the external channels are never stored in the database. That said, no service is completely immune, and we can't guarantee absolute security.

Cookies

We use only essential cookies — a session cookie that keeps you signed in and a security token. We don't use advertising or tracking cookies, and the site makes no third-party calls that set cookies — so no cookie-consent banner is needed.

Minimum age

The service isn't intended for children. If you're not at least 16 (or the age set in your country — in the United States, under 13), please don't use the service or give us any personal data.

Changes to this page

We may update this page from time to time. The date above reflects the most recent update.